Apache2 403 error with multiple virtual host

Question

I have some issues with my Apache2 installation.

The last week by a hard disk failure I made a general backup, change the hard disk to a new one and install again all the SO (Debian 7 AMD64) and Apache2. I've restored all data from backup to the new disk.

I've configured again the virtual host with the same configuration like the last installation, but this time when I try to access to any virtual host except one that only host static content.

There's no error on Apache error files and also no error or warning during Apache startup. I've also checked permissions and owners at the file system.

Here's my config files:

apache2.conf

ServerRoot "/etc/apache2"

LockFile ${APACHE_LOCK_DIR}/accept.lock
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5

<IfModule mpm_prefork_module>
    StartServers          5
    MinSpareServers       5
    MaxSpareServers      10
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

<IfModule mpm_worker_module>
    StartServers          2
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadLimit          64
    ThreadsPerChild      25
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

<IfModule mpm_event_module>
    StartServers          2
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadLimit          64
    ThreadsPerChild      25
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy all
</Files>

DefaultType None
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel debug
Include mods-enabled/*.load
Include mods-enabled/*.conf
Include ports.conf
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
 LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
 LogFormat "%h %l %u %t \"%r\" %>s %O" common
 LogFormat "%{Referer}i -> %U" referer
 LogFormat "%{User-agent}i" agent
 Include conf.d/
 Include httpd.conf

httpd.conf

<VirtualHost x.x.x.x:80>
        DocumentRoot /home/www/hostname.domain.tld
        ServerName hostname.domain.tld
        ServerAdmin soporte@domain.tld

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>

        <Directory /home/www/hostname.domain.tld>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>

<VirtualHost x.x.x.x:80>
        DocumentRoot /home/www/static.domain.tld
        ServerName static.domain.tld
        ServerAdmin soporte@domain.tld

        <Directory /home/www/static.domain.tld>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>

<VirtualHost x.x.x.x:80>
        DocumentRoot /home/www/mail.anijapan.com
        ServerName mail.domain.tld
        ServerAdmin soporte@domain.tld

        <Directory /home/www/mail.domain.tld>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>

<VirtualHost x.x.x.x:80>
        DocumentRoot /home/www/bugs.domain.tld
        ServerName bugs.domain.tld
        ServerAdmin soporte@domain.tld

        <Directory /home/www/bugs.domain.tld>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>

ports.conf

NameVirtualHost x.x.x.x:80
Listen 80

<IfModule mod_ssl.c>
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

I've tried different things, looked in Google, etc without any result.

Anyone has some idea of my problem?

Thanks!

No, it's mounted in read/write mode: /dev/sda3 /home ext4 rw,relatime,user_xattr,barrier=1,data=ordered 0 0 — ramon, May 20 '14 at 07:12
Yes, at ports.conf file. `NameVirtualHost x.x.x.x:80 Listen 80` — ramon, May 20 '14 at 11:57

score 0 · Answer 1 · answered May 20 '14 at 07:39

0

Start apache like this, foreground + debug, if it can't write the logs because some reason, with this way it will start.

. /etc/apache2/envvars
apache2 -e debug -DFOREGROUND

Another recommendation would be to look at /var/log/messages and /var/log/syslog, but you've probably done that already More info in this page zroger.com

answered May 20 '14 at 07:39

aseques

718
4
12
28

I've started the server in this way and no error it's shown. Personally I think that maybe it could be a misconfiguration problem. Apache2 version it's 2.2.22 – ramon May 20 '14 at 09:13
When started in foreground, can you browse the sites normally? – aseques May 20 '14 at 13:53
No, I continue having the same problem. Only the site with static content doesn't return 403. I've started the server in this way: `root@mirai:/etc/apache2# apache2 -f /etc/apache2/apache2.conf -e debug -DFOREGROUND` No error appears on screen or syslog or apache2 log files. – ramon May 20 '14 at 14:01
You should verify that you have mod_rewrite enabled, it might be the cause, many cms require it – aseques May 21 '14 at 06:56
Thanks for your reply. I've checked the list of loaded modules in Apache and rewrite it's enabled `root@mirai:/etc/apache2# apachectl -t -D DUMP_MODULES Loaded Modules: core_module (static) log_config_module (static) logio_module (static) version_module (static) mpm_prefork_module (static) http_module (static) so_module (static) alias_module (shared) auth_basic_module (shared) authn_file_module (shared) authz_default_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_user_module (shared) autoindex_module (shared)[...] rewrite_module (shared)[...]` – ramon May 21 '14 at 07:27

score 0 · Accepted Answer · answered May 22 '14 at 14:57

I've finally reach to have Apache working without 403 errors. The reason of 403 errors was very easy and it's not located on the server.

For domain DNS management I use CloudFlare. To give service while the server HD was changed, I move all websites to another server with a new IP. After I install the OS over the new HD, I moved the websites to new disk from the rescue server, and I've changed on CloudFlare the IP for the DNS records to the old one, but CloudFlare fails here, because they don't spread by an internal error the new IP address. I saw that making a traceroute (very silly solution but effective) to see the real final destination of A record, not the final destination that appear on CloudFlare.

To make CloudFlare to use the correct A record, I've deleted it, save the change, and then add the A record to the correct IP address. Once I do that, all started to work properly.

First thing you should try always is to do a ping to ensure you are connecting to the proper server. — aseques, May 22 '14 at 16:41
I usually do that, but this time I forgot to do it. A really stupid mistake. — ramon, May 23 '14 at 07:38

Apache2 403 error with multiple virtual host

2 Answers2